stf_status
ikev2_verify_rsa_sha1(struct state *st
, enum phase1_role role
, unsigned char *idhash
, const struct pubkey_list *keys_from_dns
, const struct gw_info *gateways_from_dns
, pb_stream *sig_pbs)
{
unsigned char calc_hash[SHA1_DIGEST_SIZE];
unsigned int hash_len = SHA1_DIGEST_SIZE;
enum phase1_role invertrole;
invertrole = (role == INITIATOR ? RESPONDER : INITIATOR);
ikev2_calculate_sighash(st, invertrole, idhash, st->st_firstpacket_him, calc_hash);
return RSA_check_signature_gen(st, calc_hash, hash_len
, sig_pbs
#ifdef USE_KEYRR
, keys_from_dns
#endif
, gateways_from_dns
, try_RSA_signature_v2);
}
bool ikev2_calculate_rsa_sha1(struct state *st
, enum phase1_role role
, unsigned char *idhash
, pb_stream *a_pbs)
{
unsigned char signed_octets[SHA1_DIGEST_SIZE+16];
size_t signed_len;
const struct connection *c = st->st_connection;
const struct RSA_private_key *k = get_RSA_private_key(c);
unsigned int sz;
if (k == NULL)
return 0; /* failure: no key to use */
sz = k->pub.k;
/*
* this is the prefix of the ASN/DER goop that lives inside RSA-SHA1
* signatures. If the signing hash changes, this needs to change
* too, but this function is specific to RSA-SHA1.
*/
memcpy(signed_octets, der_digestinfo, der_digestinfo_len);
ikev2_calculate_sighash(st, role, idhash
, st->st_firstpacket_me
, signed_octets+der_digestinfo_len);
signed_len = der_digestinfo_len + SHA1_DIGEST_SIZE;
passert(RSA_MIN_OCTETS <= sz && 4 + signed_len < sz && sz <= RSA_MAX_OCTETS);
DBG(DBG_CRYPT
, DBG_dump("v2rsa octets", signed_octets, signed_len));
{
u_char sig_val[RSA_MAX_OCTETS];
/* now generate signature blob */
sign_hash(k, signed_octets, signed_len
, sig_val, sz);
out_raw(sig_val, sz, a_pbs, "rsa signature");
}
return TRUE;
}
bool ikev2_calculate_rsa_sha1(struct state *st,
enum phase1_role role,
unsigned char *idhash,
pb_stream *a_pbs)
{
unsigned char signed_octets[SHA1_DIGEST_SIZE + 16];
size_t signed_len;
const struct connection *c = st->st_connection;
const struct RSA_private_key *k = get_RSA_private_key(c);
unsigned int sz;
if (k == NULL)
return FALSE; /* failure: no key to use */
sz = k->pub.k;
memcpy(signed_octets, der_digestinfo, der_digestinfo_len);
ikev2_calculate_sighash(st, role, idhash,
st->st_firstpacket_me,
signed_octets + der_digestinfo_len);
signed_len = der_digestinfo_len + SHA1_DIGEST_SIZE;
passert(RSA_MIN_OCTETS <= sz && 4 + signed_len < sz &&
sz <= RSA_MAX_OCTETS);
DBG(DBG_CRYPT,
DBG_dump("v2rsa octets", signed_octets, signed_len));
{
/* now generate signature blob */
u_char sig_val[RSA_MAX_OCTETS];
int shr;
shr = sign_hash(k, signed_octets, signed_len, sig_val, sz);
if (shr == 0)
return FALSE;
passert(shr == (int)sz);
if (!out_raw(sig_val, sz, a_pbs, "rsa signature"))
return FALSE;
}
return TRUE;
}
